Cyber Security System Engineer

작업 내용

Location:
Frankfurt, Germany

Security Clearance:
EU Restricted

Introduction:
The purpose of these services is to manage (implement, integrate, configure, and administer) cyber security components in order to support the provision of operational security services. The successful candidate is expected to take direct action on all or a part of a cyber defence infrastructure and to act as the main interface between business and technical units. Another aim is to support the provision of other services such as security analysis and incident handling, and carry out fine-tuned configuration and customization of cyber defence components in order to maximize their efficiency and performance whilst minimizing the amount of false positive detection ratio.

Skills, knowledge, experience required:

• Minimum 2 years’ experience in:
• Network security engineering and administration;
• System security engineering and administration;
• Security testing (functional and nonfunctional);
• Cryptography;
• At least 1 certification among the following:
• GSEC (GIAC Certified Security Essentials);
• GCWN (GIAC Certified Windows Security Administrator);
• GCED (GIAC Certified Enterprise Defender);
• GCUX (GIAC Certified UNIX Security Administrator);
• ENSA (EC-Council Certified Network Administrator);
• Microsoft Certified System Center Configuration Manager (SCCM);
• MCSA (Microsoft Certified Solutions Associate);
• An equivalent certification recognized internationally (subject to acceptance as a valid credential by the Contracting EU Institution (EU-I));
• Minimum 2 years’ experience with ISO 2700X standards;
• Minimum 3 years’ experience with ITIL best practices and ITIL implementation;
• Minimum 3 years’ experience of and an ability to design, develop, install, configure, test, monitor, maintain, troubleshoot, and upgrade at least one of the core cyber security infrastructure products and solutions;
• Minimum 2 years’ experience with:
• Cryptographic solutions including:
• Common standards and ciphers;
• Symmetric and asymmetric encryption;
• Public key infrastructure (PKI);
• Hardware security modules (HSM);
• Smartcards;
• Security protocols including:
• SSL/TLS;
• IPsec;
• VPN;
• Minimum 3 years’ experience of and an ability to write comprehensive documentation;
• Minimum 3 years’ experience with:
• Network protocols including IP, TCP, UDP, DNS, SMTP, Syslog-ng, HTTP, IP routing and fail-over protocols, and IEEE 802.1x;
• VMware vSphere and ESXi technologies;
• NetApp Storage NAS/SAN;
• Firewalls;
• Minimum 3 years’ experience in hardening/securing:
• MS Windows Servers and desktops;
• Unix-like systems such as:
• System V (SysV);
• Linux;
• Berkeley Software Distribution (BSD);
• Minimum 5 years’ experience with:
• MS Windows operating systems;
• Linux servers including:
• Red Hat Enterprise Linux Server;
• Debian;
• System monitoring solutions including:
• Nagios;
• Centron.

Desirable:

• Minimum 1 year of experience with:
• SABSA (Sherwood Applied Business Security Architecture);
• STIX (Structured Threat Information Expression) with a particular focus on the following related standards:
• CybOX (cyber observables);
• CAPEC (attack patterns);
• MAEC (malware);
• TAXII (threat information exchange);
• Minimum 2 years’ experience in:
• Authentication, authorization, and accounting, including:
• RADIUS;
• TACACS+;
• Kerberos;
• Enterprise Active Directory and Group Policy Object (GPO) development;
• Auditing systems and networks for configuration weaknesses and vulnerabilities;
• Administration and task automation using scripting and/or programming languages such as:
• Python;
• MS Windows PowerShell;
• Perl;
• Java;
• Minimum 3 years’ experience with:
• Oracle databases, including Oracle Real Application Clusters (RAC);
• Cisco Internetwork Operating System (IOS);
• Minimum 5 years’ experience with:
• Central password management/vault systems,
• PKI;
• HSM;
• Minimum 1 year of experience with Red Hat Ansible Tower.

Duties/role:

• Designing, implementing, and automating various cloud security controls and tools;
• Implementing and improving ITIL processes;
• Installing, configuring, maintaining, and upgrading cyber security components;
• Monitoring managed components and managing incidents and problems (ITIL definitions);
• Tuning performances;
• Performing day-to-day system management such as:
• User access management;
• Patch management;
• Hardening system and network components;
• Developing, maintaining, and rolling out reference configurations (ITIL Release and Deployment Management);
• Implementing and following security policies;
• Elaborating and maintaining system inventory/configuration management database (CMDB), system documentation, and operating procedures;
• Ensuring appropriate testing before applying changes (change evaluation);
• Managing changes through a structured change management process (ITIL Change Management);
• Reporting on service performances and availability, producing dashboards;
• Designing, developing, installing, configuring, testing, monitoring, maintaining, troubleshooting, and upgrading cyber security infrastructure;
• Providing expertise, guidance, recommendations, and documented security configurations for implementation of security tools and processes;
• Producing detailed engineering specifications;
• Evaluating and recommending secure configurations;
• Identifying security requirements based upon need or translating high-level security requirements into detailed technical requirements;
• Supporting various technical and non-technical stakeholders to specify and negotiate security requirements;
• Interacting with Network and System Engineering teams to effectively communicate and develop security solutions;
• Drafting documentation and standard operational procedures to support security systems operations;
• Ensuring the technical design and contributing to implementation of new components and/or enhancements in coordination with other team members, in particular Project Managers, Security Architects and Engineers;
• Ensuring Disaster Recovery Plan (DRP) through appropriate back-up methods to ensure the Recovery Time Objectives (RTO) are met;
• Ensuring service continuity for the managed components to defined Service Level Agreements (SLAs);
• Ensuring capacity planning;
• Supporting security monitoring use-case engineering;
• Performing security events collection technical design;
• Integrating log sources into a security information and event management (SIEM) solution;
• Elaborating and translating the security monitoring policy into monitoring rules;
• Investigating, diagnosing, and solving system-related problems;
• Scheduling installation work, liaising with all concerned to ensure that installation priorities are met and disruption to the organization is minimized;
• Diagnosing and solving problems and faults occurring in the operation of cyber security components;
• Complying with organization procedures to ensure integrity of the system;
• Recommending resolutions and improvements;
• Providing integrated solutions;
• Providing consolidated findings on components or processes;
• Documenting cyber defence components configurations;
• Ensuring that systems meet agreed service levels;
• Ensuring that communication performance, recovery, and security needs meet agreed service agreement standards;
• Contributing to definition of network design policies, philosophies, and criteria;
• Crafting, fine-tuning, and validating low-level intrusion detection rules for network and host protection;
• Developing, testing, and rolling out new releases of identity and access management solutions.

VECTOR SYNERGY sp. z o.o., ul. Marcelińska 90, 60-324 Poznań, NIP PL7811857270, REGON 301575740, KRS: 0000369575

Rejestr Przedsiębiorców KRS prowadzony przez Sąd Rejonowy Poznań – Nowe Miasto i Wilda w Poznaniu, VIII Wydział Gospodarczy KRS,

kapitał zakładowy wynosi: 73 500,00 złotych wpłacony w całości, TEL +48 616684500, FAX +48 616684501, www.vectorsynergy.com, info@vectorsynergy.com